no-mistakes 0.6.0 → 0.8.0

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "no-mistakes",
-  "version": "0.6.0",
+  "version": "0.8.0",
   "description": "Static codebase analysis tools for TS/JS dependencies, dependents, and symbols",
   "license": "MIT",
   "repository": {
@@ -23,8 +23,5 @@
   },
   "scripts": {
     "postinstall": "node scripts/install.js"
-  },
-  "dependencies": {
-    "no-mistakes-core": "0.6.0"
   }
 }

package/scripts/install/assets.js

@@ -0,0 +1,39 @@
+"use strict";
+
+const { basename } = require("node:path");
+
+function assetName(binName, version, target) {
+  const ext = target.endsWith("windows-msvc") ? ".exe" : "";
+  return `${binName}-v${version}-${target}${ext}`;
+}
+
+function releaseBaseUrl(repository, version, envVar) {
+  return (
+    (envVar && process.env[envVar]) ||
+    `https://github.com/${repository}/releases/download/v${version}`
+  );
+}
+
+function parseChecksum(text, expectedAsset) {
+  for (const line of text.split(/\r?\n/)) {
+    const trimmed = line.trim();
+    if (!trimmed) {
+      continue;
+    }
+    const [hash, file] = trimmed.split(/\s+/, 2);
+    if (!/^[a-fA-F0-9]{64}$/.test(hash)) {
+      continue;
+    }
+    const normalizedFile = file?.replace(/^\*/, "");
+    if (!file || normalizedFile === expectedAsset || basename(normalizedFile) === expectedAsset) {
+      return hash.toLowerCase();
+    }
+  }
+  throw new Error(`No SHA-256 checksum found for ${expectedAsset}`);
+}
+
+module.exports = {
+  assetName,
+  parseChecksum,
+  releaseBaseUrl,
+};

package/scripts/install/download.js

@@ -0,0 +1,100 @@
+"use strict";
+
+const { copyFile, readFile } = require("node:fs/promises");
+const { createWriteStream } = require("node:fs");
+const http = require("node:http");
+const https = require("node:https");
+const { pipeline } = require("node:stream/promises");
+const { fileURLToPath } = require("node:url");
+
+const DOWNLOAD_TIMEOUT_MS = 30_000;
+
+function download(url, destination, redirects = 0) {
+  if (url.startsWith("file://")) {
+    return copyFile(fileURLToPath(url), destination);
+  }
+
+  return request(
+    url,
+    async (response) => {
+      await pipeline(response, createWriteStream(destination));
+    },
+    redirects,
+  );
+}
+
+function request(
+  url,
+  handleResponse,
+  redirects = 0,
+  clients = { http, https },
+  timeoutMs = DOWNLOAD_TIMEOUT_MS,
+) {
+  return new Promise((resolve, reject) => {
+    const client = url.startsWith("http://") ? clients.http : clients.https;
+    const req = client.get(url, (response) => {
+      if (isRedirectStatus(response.statusCode)) {
+        response.resume();
+        if (redirects >= 5) {
+          reject(new Error(`Too many redirects while downloading ${url}`));
+          return;
+        }
+        if (!response.headers.location) {
+          reject(new Error(`Redirect missing Location header while downloading ${url}`));
+          return;
+        }
+        request(
+          new URL(response.headers.location, url).toString(),
+          handleResponse,
+          redirects + 1,
+          clients,
+          timeoutMs,
+        ).then(resolve, reject);
+        return;
+      }
+
+      if (response.statusCode !== 200) {
+        response.resume();
+        reject(new Error(`Download failed for ${url}: HTTP ${response.statusCode}`));
+        return;
+      }
+
+      Promise.resolve(handleResponse(response)).then(resolve, reject);
+    });
+
+    req.setTimeout(timeoutMs, () => {
+      req.destroy(new Error(`Download timed out after ${timeoutMs}ms: ${url}`));
+    });
+    req.on("error", reject);
+  });
+}
+
+function isRedirectStatus(statusCode) {
+  return [301, 302, 303, 307, 308].includes(statusCode);
+}
+
+async function fetchText(url) {
+  if (url.startsWith("file://")) {
+    return readFile(fileURLToPath(url), "utf8");
+  }
+  const chunks = [];
+  let totalLength = 0;
+  const MAX_LENGTH = 1024 * 1024;
+  await request(url, async (response) => {
+    for await (const chunk of response) {
+      totalLength += chunk.length;
+      if (totalLength > MAX_LENGTH) {
+        throw new Error(`Response exceeded maximum size of ${MAX_LENGTH} bytes`);
+      }
+      chunks.push(chunk);
+    }
+  });
+  return Buffer.concat(chunks).toString("utf8");
+}
+
+module.exports = {
+  download,
+  fetchText,
+  isRedirectStatus,
+  request,
+};

package/scripts/install/index.js

@@ -1,3 +1,13 @@
 "use strict";
 
-module.exports = require("no-mistakes-core");
+const assets = require("./assets");
+const download = require("./download");
+const installer = require("./installer");
+const platform = require("./platform");
+
+module.exports = {
+  ...assets,
+  ...download,
+  ...installer,
+  ...platform,
+};

package/scripts/install/installer.js

@@ -0,0 +1,124 @@
+"use strict";
+
+const { createHash } = require("node:crypto");
+const { closeSync, createReadStream, existsSync, openSync, readSync } = require("node:fs");
+const { chmod, mkdir, rename, rm } = require("node:fs/promises");
+const { join } = require("node:path");
+
+const { assetName, parseChecksum, releaseBaseUrl } = require("./assets");
+const { download, fetchText } = require("./download");
+const { platformTarget, supportedGlibc } = require("./platform");
+
+const PLACEHOLDER_TEXT = "Native binary placeholder.";
+const PLACEHOLDER_READ_BYTES = 256;
+
+async function sha256(path) {
+  const hash = createHash("sha256");
+  for await (const chunk of createReadStream(path)) {
+    hash.update(chunk);
+  }
+  return hash.digest("hex");
+}
+
+async function install(binName, repository, options = {}) {
+  const version = options.version;
+  if (!version) {
+    throw new Error("version is required for install()");
+  }
+  const target = Object.hasOwn(options, "target") ? options.target : platformTarget();
+  if (!target) {
+    throw new Error(unsupportedPlatformMessage(binName));
+  }
+
+  const vendorDir = options.vendorDir;
+  if (!vendorDir) {
+    throw new Error("vendorDir is required for install()");
+  }
+  const executable = options.destinationName || binName;
+  const destination = join(vendorDir, executable);
+  const destinationExists = existsSync(destination);
+  const destinationIsPlaceholder = destinationExists && isPlaceholder(destination);
+
+  if (process.env.SKIP_BINARY_DOWNLOAD) {
+    if (destinationExists && !destinationIsPlaceholder) {
+      return destination;
+    }
+    throw new Error(
+      `SKIP_BINARY_DOWNLOAD is set but ${destination} is missing or still a placeholder; unset SKIP_BINARY_DOWNLOAD to install ${binName}.`,
+    );
+  }
+
+  if (options.checkExisting && destinationExists && !destinationIsPlaceholder) {
+    return destination;
+  }
+
+  const asset = assetName(binName, version, target);
+  const baseUrl = options.baseUrl || releaseBaseUrl(repository, version, options.envVar);
+  const temp = `${destination}.tmp-${process.pid}`;
+
+  await mkdir(vendorDir, { recursive: true });
+
+  try {
+    console.log(`Downloading ${binName} v${version} for ${target}...`);
+    await download(`${baseUrl}/${asset}`, temp);
+
+    let checksumText;
+    try {
+      checksumText = await fetchText(`${baseUrl}/${asset}.sha256`);
+    } catch (e) {
+      throw new Error(`Failed to fetch checksum for ${asset}: ${e.message}`);
+    }
+
+    const expected = parseChecksum(checksumText, asset);
+    const actual = await sha256(temp);
+    if (actual !== expected) {
+      throw new Error(`Checksum mismatch for ${asset}: expected ${expected}, got ${actual}`);
+    }
+    if (!target.endsWith("windows-msvc")) {
+      await chmod(temp, 0o755);
+    }
+    await rename(temp, destination);
+    return destination;
+  } catch (error) {
+    await rm(temp, { force: true });
+    throw new Error(`Failed to install ${binName}: ${error.message}`);
+  }
+}
+
+function isPlaceholder(path) {
+  let fd;
+  try {
+    fd = openSync(path, "r");
+    const buffer = Buffer.alloc(PLACEHOLDER_READ_BYTES);
+    const bytesRead = readSync(fd, buffer, 0, buffer.length, 0);
+    return buffer.subarray(0, bytesRead).toString("utf8").includes(PLACEHOLDER_TEXT);
+  } catch (error) {
+    if (error.code === "ENOENT") {
+      return false;
+    }
+    throw new Error(`Failed to inspect native binary placeholder ${path}: ${error.message}`);
+  } finally {
+    if (fd !== undefined) {
+      closeSync(fd);
+    }
+  }
+}
+
+function unsupportedPlatformMessage(
+  binName,
+  platform = process.platform,
+  arch = process.arch,
+  report = process.report,
+) {
+  if (platform === "linux" && (arch === "x64" || arch === "arm64") && !supportedGlibc(report)) {
+    return `Linux npm installs require glibc 2.35 or newer. Install with \`cargo install ${binName}\` instead.`;
+  }
+  return `Unsupported platform ${platform}/${arch}. Install with \`cargo install ${binName}\` instead.`;
+}
+
+module.exports = {
+  install,
+  isPlaceholder,
+  sha256,
+  unsupportedPlatformMessage,
+};

package/scripts/install/platform.js

@@ -0,0 +1,50 @@
+"use strict";
+
+const MIN_GLIBC = [2, 35];
+
+function platformTarget(platform = process.platform, arch = process.arch, report = process.report) {
+  if (platform === "darwin" && arch === "x64") {
+    return "x86_64-apple-darwin";
+  }
+  if (platform === "darwin" && arch === "arm64") {
+    return "aarch64-apple-darwin";
+  }
+  if (platform === "win32" && arch === "x64") {
+    return "x86_64-pc-windows-msvc";
+  }
+  if (platform === "linux" && (arch === "x64" || arch === "arm64")) {
+    if (!supportedGlibc(report)) {
+      return null;
+    }
+    return arch === "x64" ? "x86_64-unknown-linux-gnu" : "aarch64-unknown-linux-gnu";
+  }
+  return null;
+}
+
+function isGlibc(report = process.report) {
+  return glibcVersion(report) !== null;
+}
+
+function glibcVersion(report = process.report) {
+  const header = typeof report?.getReport === "function" ? report.getReport().header : {};
+  return header?.glibcVersionRuntime || header?.glibcVersionCompiler || null;
+}
+
+function supportedGlibc(report = process.report) {
+  const version = glibcVersion(report);
+  if (!version) {
+    return false;
+  }
+  const [major, minor] = version.split(".").map((part) => Number.parseInt(part, 10));
+  if (!Number.isInteger(major) || !Number.isInteger(minor)) {
+    return false;
+  }
+  return major > MIN_GLIBC[0] || (major === MIN_GLIBC[0] && minor >= MIN_GLIBC[1]);
+}
+
+module.exports = {
+  glibcVersion,
+  isGlibc,
+  platformTarget,
+  supportedGlibc,
+};